-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Jared Mauch wrote: | I'm not saying this to trash cisco, many people there know that, | but the important thing is insuring that the global internet isn't | further harmed, and as more allocations are done the harm becomes | greater and it hurts every single person in this industry, providers | and vendors alike. k, bit my tongue as much as I could... But I gotta vent ;-P So, Cisco provides this 'AutoSecure' function and everyone jumps all over the static bogon list. Why? Hello? The basic idea here is that it gets you decent out of the box setup defaults which you tailor after running it, right? (NOTE: I haven't actually hit the AUTOSECURE button yet, just read a little about it) Whats so bad about decent secure defaults? I just see it as a shortcut to getting a router online, not a solution to security. If you're implementing a new router and setting up Bogon filters you should already know that they'll need to be updated regularly and should replace the access list with a refreshed one using the autosecure configuration as a TEMPLATE that you work off of. If you don't know this, then you shouldn't be in charge of said router. Am I missing something here??? - -- ~ /"\ ~ \ / ASCII RIBBON CAMPAIGN ~ X AGAINST HTML MAIL ~ / \ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) iD8DBQFB7/Z925hr1at2zS8RAsyyAJ9DBfqDfgsdmCpCJP0oxhJ57pkLSgCfQsTb ujQRVk4dJa82CZfnq7AhgWc= =4VkL -----END PGP SIGNATURE-----